Table of Contents

Chapter: Introduction

Introduction to Android Security Essentials LiveLessons

03m 46s

Chapter: Lesson 1: Android Security Basics

Learning objectives

00m 35s

1.1 Understand the OWASP mobile top 10 security risks and why Android can be an insecure platform

05m 28s

1.2 Download and reverse engineer a sample Android APK and use adb to recover backup data

08m 58s

Chapter: Lesson 2: Dealing with Insecure Data

Learning objectives

00m 45s

2.1 Understand the data storage options on the Android platform

03m 46s

2.2 Understand Android permissions and how to gain access to insecure data

03m 8s

2.3 Securely write to an SD-card and a SQLite database

14m 30s

Chapter: Lesson 3: Weak Server Side Controls

Learning objectives

00m 43s

3.1 Understand the OWASP Web Top 10

09m 24s

3.2 Understand the OWASP Cloud Top 10

06m 40s

Chapter: Lesson 4: Insufficient Transport Layer Protection

Learning objectives

00m 54s

4.1 Encrypt sensitive data for transmission

09m 16s

4.2 Use a proxy to perform man-in-the-middle attacks

05m 15s

Chapter: Lesson 5: Client Side Injection

Learning objectives

00m 36s

5.1 Differentiate between native Android, HTML5 apps and hybrid apps

07m 0s

5.2 Understand how hybrid apps can be exploited using XSS and SQL injection and how basic data validation can stop such attacks

05m 31s

Chapter: Lesson 6: Poor Authorization

Learning objectives

00m 38s

6.1 Understand how tokens such as device IDs, time etc. are often used to poorly authenticate the users

02m 22s

6.2 Understand best practices for user authentication and account validation

08m 10s

Chapter: Lesson 7: Improper Session Handling

Learning objectives

00m 29s

7.1 Differentiate between web and mobile session management

02m 37s

7.2 Use social media websites for session management

05m 6s

Chapter: Lesson 8: Security Decisions via Untrusted Inputs

Learning objectives

00m 28s

8.1 Understand Android intents and how they can be abused

06m 4s

8.2 Understand Android permissions and why an app might be asking for more permissions than it needs

05m 38s

Chapter: Lesson 9: Side Channel Data Leakage

Learning objectives

00m 51s

9.1 Understand how third party libraries are used for collecting data in an Android app

05m 51s

9.2 Examine log files as a source of data leakage

06m 1s

Chapter: Lesson 10: Broken Cryptography

Learning objectives

00m 57s

10.1 Understand types of cryptography used in a typical Android app

01m 58s

10.2 Understand why it is usually not a good idea to store a key on the client/device

02m 38s

10.3 Use the NDK or database encryption to hide API or encryption keys

09m 0s

Chapter: Lesson 11: Sensitive Information Disclosure

Learning objectives

00m 47s

11.1 Explain how sensitive information gets stored in an APK

07m 25s

11.2 Understand best practices for storing sensitive information

13m 24s

Chapter: Lesson 12: Conclusion

Learning objectives

00m 34s

12.1 Use third party tools (GoatDroid) to get better at writing secure Android code

10m 5s

12.2 Summarize the tips shown in these lessons

04m 21s

Chapter: Summary

Summary of Android Security Essentials LiveLessons

02m 27s